Services.exe at 99% all the time. "resolved"

Tags:
  • Security
2 January 2011 01:48:49

With the program "processExplorer" I click on the properties of services.exe.
There are two umpnpmgr.dll.

In "umpnpmgr.dll!PNP_HwProFlags+0x2ba",
the process that runs at 99% before I suspend it,
and which comes back at restart even if I kill it,
there is this:

ntoskrnl.exe!ExReleaseResourceLite+0x1a3
ntoskrnl.exe!PsGetContextThread+0x329
ntoskrnl.exe!FsRtlInitializeFileLock+0x83f
ntoskrnl.exe!RtlAppendUnicodeToString+0x2b8
hal.dll+0x2c35
kernel32.dll!lstrcmpW+0xa3
setupapi.dll!CM_Get_Device_Interface_List_ExW+0x1e5
setupapi.dll!SetupDiGetINFClassA+0xd2e
setupapi.dll!SetupDiCancelDriverInfoSearch+0x1f3
setupapi.dll!pSetupGetCurrentDriverSigningPolicy+0x3015
setupapi.dll!pSetupGetCurrentDriverSigningPolicy+0x326a
setupapi.dll!pSetupAcquireSCMLock+0xcae
setupapi.dll!SetupDiBuildDriverInfoList+0x9a7
umpnpmgr.dll!ServiceEntry+0x9777
umpnpmgr.dll!ServiceEntry+0x1e98
kernel32.dll!GetModuleFileNameA+0x1b4

In the other one, "umpnpmgr.dll!PNP_GetDeviceRegProp+0x3d9", which is not running at all,
there is this:
ntoskrnl.exe!ExReleaseResourceLite+0x1a3
ntoskrnl.exe!PsGetContextThread+0x329
ntoskrnl.exe!FsRtlInitializeFileLock+0x83f
ntoskrnl.exe!FsRtlInitializeFileLock+0x87e
ntoskrnl.exe!IoCreateDevice+0x41d
ntoskrnl.exe!ZwYieldExecution+0xb78
ntdll.dll!KiFastSystemCallRet
kernel32.dll!GetModuleFileNameA+0x1b4

What I want to know is which file or which program launches the first one at startup, so that I can delete it.
Here is an HJ report (with the famous umpnpmgr.dll suspended) so that you can help me better:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:44:13, on 02/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\NETGEAR\WG311 Wireless Smart Configuration\Utility\NetgearAG.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
F:\Milan\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - F:\Program Files\Shareaza Applications\Shareaza\Shareaza\RazaWebHook32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DownloadGuardBHO - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Program Files\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AS01_Netgear] C:\Program Files\NETGEAR\WG311 Wireless Smart Configuration\Utility\NetgearAG.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Service Google Update (gupdate1cac74520f3532e) (gupdate1cac74520f3532e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\System32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8918 bytes

If I don't suspend umpnpmgr.dll I can't do anything.
Thank you for your help; regards, and happy new year to you all.

2 January 2011 14:27:29

I forgot to say hello. :)
2 January 2011 15:27:27

[:arslan:13] Hello,

Please do the following: (kill the process that is eating the CPU if needed)

Download OTL (by Old Timer) to your desktop.
  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")
  • Under "Personnalisation" (customization), copy and paste all of the text below, and leave the other options at their defaults.
    netsvcs
    msconfig
    drivers32
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Click the "Analyse" (scan) button at the top left, then wait a few moments.
  • At the end of the scan, two reports will open, OTL.Txt and Extras.Txt. Copy/paste all of the reports here.
    PS: The reports are also saved on the desktop.

    For the reports, please use this online report service: upload the file via "browse" and simply post the resulting link.
    2 January 2011 18:39:44

    Hello, and happy new year. It may be a coincidence, but this problem appeared after installing the OVI programs. Here is the OTL report:




    OTL logfile created on: 02/01/2011 18:21:17 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\\Bureau
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1 023,00 Mb Total Physical Memory | 418,00 Mb Available Physical Memory | 41,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
    Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149,04 Gb Total Space | 93,07 Gb Free Space | 62,44% Space Free | Partition Type: NTFS
    Drive F: | 74,53 Gb Total Space | 24,07 Gb Free Space | 32,30% Space Free | Partition Type: NTFS

    Computer Name: -7KBQKCVRF | User Name: | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/01/02 18:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\\Bureau\OTL.exe
    PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/07/01 10:32:01 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2010/07/01 10:31:59 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2010/05/14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    PRC - [2003/12/19 13:49:28 | 000,446,464 | ---- | M] ( ) -- C:\Program Files\NETGEAR\WG311 Wireless Smart Configuration\Utility\NetgearAG.exe
    PRC - [2001/08/23 17:47:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/01/02 18:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\klara\Bureau\OTL.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe -- (Installer Service)
    SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010/07/01 10:31:59 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2009/11/06 09:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
    SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/06/12 00:47:00 | 002,837,916 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
    SRV - [2009/05/29 16:13:20 | 000,234,864 | ---- | M] (CybelSoft) [Disabled | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008/12/12 00:15:39 | 001,079,176 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
    SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
    SRV - [2003/06/18 09:54:10 | 000,294,972 | ---- | M] (Eastman Kodak Company) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
    SRV - [2003/05/14 10:10:46 | 000,045,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe -- (NMSAccess)
    SRV - [1997/05/14 22:49:22 | 000,013,312 | ---- | M] () [Disabled | Stopped] -- c:\XAMPPLite\srvany.exe -- (LMBMySQL)
    SRV - [1997/05/14 22:49:22 | 000,013,312 | ---- | M] () [Disabled | Stopped] -- c:\XAMPPLite\srvany.exe -- (LMBApache)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
    DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\nvDual.sys -- (NVDual)
    DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\CFRMD.sys -- (CFRMD)
    DRV - [2010/09/26 22:30:45 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
    DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2010/09/07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010/09/07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2010/07/01 10:32:21 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - [2010/05/17 09:54:05 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
    DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
    DRV - [2009/05/29 16:16:48 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2008/10/06 11:38:54 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
    DRV - [2008/07/10 21:11:39 | 000,005,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MS1000.sys -- (MS1000)
    DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2008/04/13 11:39:52 | 000,005,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstee.sys -- (MSTEE)
    DRV - [2008/01/09 00:57:52 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
    DRV - [2007/09/05 20:38:14 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hmumdm.sys -- (MobileAdapter)
    DRV - [2007/06/29 16:32:08 | 000,611,584 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
    DRV - [2007/06/29 13:20:30 | 000,051,712 | ---- | M] (Sagem Communication) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UsbSagCom.sys -- (UsbSagCom)
    DRV - [2005/10/16 07:00:00 | 000,012,928 | ---- | M] (Bo Brantén) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\filedisk.sys -- (FileDisk)
    DRV - [2003/11/10 13:48:00 | 000,016,283 | ---- | M] (Ken Kato) [Kernel | On_Demand | Stopped] -- F:\Milan\eeepcfr\eeepcfr\usb_prep8\vdk.sys -- (VirtualDK)
    DRV - [2003/10/07 23:23:12 | 000,344,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wg311nd5.sys -- (NETGEAR_WG311_SERVICE)
    DRV - [2003/07/28 15:19:00 | 001,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
    DRV - [2003/06/18 09:53:08 | 000,138,485 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
    DRV - [2003/06/18 09:53:08 | 000,063,002 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
    DRV - [2003/06/18 09:53:08 | 000,061,568 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
    DRV - [2003/06/18 09:53:08 | 000,038,997 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
    DRV - [2003/06/18 09:53:08 | 000,036,826 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DCCAM)
    DRV - [2003/06/18 09:53:08 | 000,008,058 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
    DRV - [2002/10/15 14:59:24 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
    DRV - [2002/10/14 23:00:00 | 000,101,431 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
    DRV - [2002/10/14 23:00:00 | 000,013,891 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
    DRV - [2002/04/11 17:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)
    DRV - [2002/04/11 09:47:52 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfilter.sys -- (IPFilter)
    DRV - [2001/08/17 20:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Pilote du Gestionnaire SoundFont Creative (WDM)
    DRV - [2001/08/17 20:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Pilote du Gestionnaire d'interface Creative (WDM)
    DRV - [2001/08/17 20:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
    DRV - [2001/08/17 20:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
    DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

    ========== FireFox ==========


    FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008/01/18 02:07:19 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/26 02:21:57 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/26 02:21:54 | 000,000,000 | ---D | M]

    [2008/12/14 20:47:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\klara\Application Data\Mozilla\Extensions
    [2011/01/01 20:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions
    [2010/09/09 00:34:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010/05/13 00:46:21 | 000,000,000 | ---D | M] (Cookie Monster) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}(2)
    [2010/10/23 02:20:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/08/01 02:03:45 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
    [2008/07/23 11:09:14 | 000,000,000 | ---D | M] (PhishTank SiteChecker) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{8bc5b5eb-0ec4-46ed-a024-ace8a3032888}
    [2010/09/10 01:56:06 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010/05/13 00:46:21 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2)
    [2010/01/20 00:09:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}
    [2009/02/13 17:34:11 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
    [2009/11/13 21:48:39 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010/12/10 10:58:27 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010/10/23 02:19:38 | 000,000,000 | ---D | M] (Flashbug) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\flashbug@coursevector.com
    [2010/12/23 01:22:56 | 000,000,000 | ---D | M] (FlashVideoReplacer) -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\flvideoreplacer@lovinglinux.megabyet.net
    [2010/02/07 15:40:19 | 000,000,000 | ---D | M] (Dictionnaire français «Réforme 1990») -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\fr@dictionaries.addons.mozilla.org
    [2010/05/13 00:46:21 | 000,000,000 | ---D | M] (Dictionnaire français «Classique & Réforme 1990») -- C:\Documents and Settings\klara\Application Data\Mozilla\Firefox\Profiles\vyjg33p0.default\extensions\fr-classique-reforme1990@dictionaries.addons.mozilla(2).org
    [2011/01/01 20:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010/07/04 19:34:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    [2009/11/17 13:05:47 | 000,155,648 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
    [2006/09/26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    [2010/09/14 22:32:19 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
    [2010/09/14 22:32:19 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/09/14 22:32:19 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
    [2010/09/14 22:32:19 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
    [2010/09/14 22:32:19 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/01/02 15:31:04 | 000,429,697 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 14791 more lines...
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - F:\Program Files\Shareaza Applications\Shareaza\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Download Guard for Internet Explorer) - {20C1A7F0-528E-444F-BAC5-5804A61CCA7F} - C:\Program Files\Lavasoft\Download Guard for Internet Explorer\DownloadGuardBHO.dll (Lavasoft AB )
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
    O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AS01_Netgear] C:\Program Files\NETGEAR\WG311 Wireless Smart Configuration\Utility\NetgearAG.exe ( )
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Value error. File not found
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Value error. File not found
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-7... (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-wind... (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-wind... (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\klara\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\klara\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2007/11/26 00:32:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2008/01/02 03:56:02 | 000,000,194 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/02 18:18:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\klara\Bureau\OTL.exe
    [2011/01/02 15:50:45 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
    [2011/01/02 15:50:45 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
    [2011/01/02 15:50:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
    [2011/01/02 15:50:44 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
    [2011/01/02 15:50:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
    [2011/01/02 15:50:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
    [2011/01/02 15:50:28 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
    [2011/01/02 15:50:19 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
    [2011/01/02 15:32:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\klara\Recent
    [2011/01/01 20:12:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\klara\Bureau\ProcessExplorer
    [2011/01/01 18:55:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\klara\Mes documents\cleNokia
    [2010/12/26 02:23:08 | 000,000,000 | ---D | C] -- C:\aa99b9ee8836e0ee1f6ee7
    [2010/12/26 00:17:06 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [12 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/01/02 18:20:18 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011/01/02 18:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\klara\Bureau\OTL.exe
    [2011/01/02 18:12:40 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/01/02 18:12:40 | 000,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2011/01/02 18:12:40 | 000,000,540 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2011/01/02 18:12:39 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/01/02 17:58:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/01/02 17:56:18 | 000,000,213 | RHS- | M] () -- C:\boot.ini
    [2011/01/02 15:31:04 | 000,429,697 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/01/01 20:13:09 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\klara\Application Data\Microsoft\Internet Explorer\Quick Launch\Raccourci vers procexp.exe.lnk
    [2011/01/01 19:03:20 | 000,002,347 | ---- | M] () -- C:\Documents and Settings\klara\Application Data\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP Pro 3.lnk
    [2011/01/01 02:51:34 | 000,001,524 | ---- | M] () -- C:\Documents and Settings\klara\Application Data\QuickZip45.ini
    [2011/01/01 02:51:02 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
    [2010/12/31 21:12:29 | 000,429,637 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110102-153104.backup
    [2010/12/31 14:56:56 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/12/26 02:32:05 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/12/24 03:34:17 | 000,429,637 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101231-211229.backup
    [2010/12/10 17:39:12 | 000,071,604 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylouuu.jpg
    [2010/12/10 17:38:52 | 000,052,230 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylouu.jpg
    [2010/12/10 17:38:33 | 000,033,317 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylouo.jpg
    [2010/12/10 17:38:16 | 000,060,428 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylou;.jpg
    [2010/12/10 17:37:25 | 000,033,471 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylou!.jpg
    [2010/12/10 17:37:06 | 000,102,712 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylou000.jpg
    [2010/12/10 17:34:27 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    [2010/12/10 17:16:56 | 000,063,362 | ---- | M] () -- C:\Documents and Settings\klara\Bureau\marylou à l'école.jpg
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [12 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/01/01 20:13:09 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\klara\Application Data\Microsoft\Internet Explorer\Quick Launch\Raccourci vers procexp.exe.lnk
    [2010/12/10 17:39:19 | 000,071,604 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylouuu.jpg
    [2010/12/10 17:38:57 | 000,052,230 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylouu.jpg
    [2010/12/10 17:38:38 | 000,033,317 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylouo.jpg
    [2010/12/10 17:38:23 | 000,060,428 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylou;.jpg
    [2010/12/10 17:37:30 | 000,033,471 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylou!.jpg
    [2010/12/10 17:37:17 | 000,102,712 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylou000.jpg
    [2010/12/10 17:34:27 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    [2010/12/10 17:17:01 | 000,063,362 | ---- | C] () -- C:\Documents and Settings\klara\Bureau\marylou à l'école.jpg
    [2010/05/31 12:57:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
    [2010/05/17 09:54:05 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
    [2010/05/04 16:37:47 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
    [2010/05/04 16:37:46 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
    [2010/05/04 16:37:40 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2010/05/04 16:37:39 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2010/05/04 16:37:37 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
    [2010/05/03 09:58:19 | 000,001,524 | ---- | C] () -- C:\Documents and Settings\klara\Application Data\QuickZip45.ini
    [2010/04/12 10:08:12 | 000,073,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/03/19 00:06:33 | 000,000,042 | ---- | C] () -- C:\WINDOWS\AlchemyMindworksUpdateList.INI
    [2009/12/16 21:00:13 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.INI
    [2009/12/01 10:15:57 | 000,000,110 | ---- | C] () -- C:\WINDOWS\GMouse.ini
    [2009/11/16 01:54:44 | 000,004,255 | ---- | C] () -- C:\WINDOWS\System32\drivers\adv01nt5.dll
    [2009/11/16 01:54:42 | 000,014,143 | ---- | C] () -- C:\WINDOWS\System32\drivers\atv06nt5.dll
    [2009/11/16 01:54:42 | 000,011,359 | ---- | C] () -- C:\WINDOWS\System32\drivers\atv02nt5.dll
    [2009/10/15 22:53:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
    [2009/06/30 11:15:58 | 000,009,344 | ---- | C] () -- C:\WINDOWS\System32\framebuf.dll
    [2009/06/30 11:15:56 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\iepeers.dll
    [2009/06/30 11:15:44 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\kd1394.dll
    [2009/06/30 11:14:53 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\ntmsdba.dll
    [2009/06/28 00:16:06 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
    [2009/06/23 16:25:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LAYOUT.INI
    [2009/05/31 23:09:49 | 000,004,946 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
    [2009/04/10 13:03:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\wfsys.sys
    [2009/02/19 12:13:04 | 000,000,202 | ---- | C] () -- C:\WINDOWS\ka.ini
    [2009/02/13 18:01:51 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.klara.ini
    [2008/12/21 00:01:29 | 000,000,136 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2008/10/06 11:38:54 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
    [2008/09/28 21:10:03 | 000,001,226 | ---- | C] () -- C:\WINDOWS\disney.ini
    [2008/07/10 21:56:56 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
    [2008/07/10 21:56:55 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
    [2008/07/10 21:55:34 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
    [2008/07/10 21:11:40 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\MS1000.sys
    [2008/07/10 21:03:38 | 000,003,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\118300.34
    [2008/07/10 21:03:19 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\Machnm64.sys
    [2008/07/10 21:03:19 | 000,002,304 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
    [2008/04/17 21:29:08 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
    [2008/04/17 21:20:40 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX7400DEFGIPS.ini
    [2008/02/13 21:21:23 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
    [2008/02/07 01:30:03 | 000,096,256 | ---- | C] () -- C:\Documents and Settings\klara\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/01/15 00:52:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2008/01/15 00:52:30 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\mstee.sys
    [2008/01/14 02:16:07 | 000,000,371 | ---- | C] () -- C:\WINDOWS\JMC_1000_V0601.INI
    [2007/12/10 00:30:11 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
    [2007/11/26 01:37:33 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
    [2007/11/26 01:31:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
    [2007/11/26 00:29:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\isrdbg32.dll
    [2007/11/26 00:29:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\isign32.dll
    [2007/11/26 00:13:10 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002/04/11 09:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
    [2001/10/02 19:18:06 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\igmpagnt.dll
    [2001/09/05 15:05:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\symplisc.dll
    [2001/09/05 15:05:16 | 000,045,568 | ---- | C] () -- C:\WINDOWS\symplisc.dll
    [1999/07/23 12:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
    [1999/07/23 09:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8
    @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\wupdmgr.exe:SummaryInformation
    @Alternate Data Stream - 16 bytes -> C:\Documents and Settings\klara\Mes documents\Shareaza Downloads:Shareaza.GUID
    @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:45CAB638
    @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E65BB25A
    @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B0E38115

    < End of report >

    Good luck...
    2 January 2011 18:49:54

    Hi again,

    The Extra.txt report is missing ;)

    Nothing infectious at first glance, so yes, I lean more toward an installed program.
    Try removing the most recently installed ones and see whether that changes anything.

    2 January 2011 19:21:02

    I think I have uninstalled everything from Nokia and Ovi (no change, still the same problem), but who knows, maybe a little bug is still left. The scans were run after suspending "umpnpmgr.dll!PNP_HwProFlags+0x2ba", and indeed I forgot the Extras report, here it is:

    OTL Extras logfile created on: 02/01/2011 18:21:17 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\klara\Bureau
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1 023,00 Mb Total Physical Memory | 418,00 Mb Available Physical Memory | 41,00% Memory free
    4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
    Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149,04 Gb Total Space | 93,07 Gb Free Space | 62,44% Space Free | Partition Type: NTFS
    Drive F: | 74,53 Gb Total Space | 24,07 Gb Free Space | 32,30% Space Free | Partition Type: NTFS

    Computer Name:-7KBQKCVRF | User Name: | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "F:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "F:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
    "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
    "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
    "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
    "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application -- File not found
    "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver -- File not found
    "C:\Program Files\adslTV\adsltv.exe" = C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv -- (adsl TV / FM)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live FolderShare -- (Microsoft Corporation)
    "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone) -- File not found
    "F:\Program Files\Shareaza Applications\Shareaza\Shareaza\Shareaza.exe" = F:\Program Files\Shareaza Applications\Shareaza\Shareaza\Shareaza.exe:*:Enabled:Shareaza -- (Shareaza Development Team)
    "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
    "C:\Program Files\Warcraft III\Warcraft III.exe" = C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
    "{11B0F8D4-FD80-4800-ABA8-50D28FF769AF}" = e-Carte Bleue La Banque Postale
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
    "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
    "{29397E8C-6C98-4C84-83D8-FF987219EC01}_is1" = Rappelz
    "{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
    "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
    "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
    "{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
    "{3E908702-AF35-4611-9518-955DA24B7E07}" = Analyseur et SDK XML Microsoft
    "{44BAC2DD-0574-4047-B736-A7687401C1CD}" = WinFast(R) Display Driver
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D12D805-50B2-4287-B3B9-AD4D74F85693}" = BOINC
    "{502358FB-0718-45BC-B142-7511F1694D58}" = Macrogaming SweetIM 2.1
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5E11064C-41D6-4451-B45A-E36DFBCB84AC}" = Download Guard for Internet Explorer
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{66D475AE-F18B-43A0-8BAF-61AF4403E339}" = Webcam 1200
    "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
    "{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2}" = Ma-Config.com
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111547587}" = Rack em Up Road Trip
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112204560}" = Gutterball 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112245540}" = Zen of Sudoku
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
    "{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
    "{A7894110-9C15-43EF-89E9-060363290188}" = Samsung PC Studio
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
    "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
    "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
    "{B6BA6111-75DF-426D-9230-91C42425219F}" = NETGEAR WG311 Wireless PCI Adapter
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BEB3AD23-250E-4BD2-BBC9-27D4BB42DE07}" = COMODO System - Cleaner
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "1000 Mots station_is1" = 1000 Mots station V2
    "4StoryFR_is1" = 4Story 1.6
    "Ad-Aware" = Ad-Aware
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "a-squared Free_is1" = a-squared Free 3.5
    "avast5" = avast! Free Antivirus
    "Barbie(TM) Défilé de mode" = Barbie(TM) Défilé de mode
    "Barbie(TM) Horse Adventures(TM)" = Barbie(TM) Horse Adventures(TM)
    "Burn4Free CD & DVD_is1" = Burn4Free CD & DVD 4.9.0.0
    "cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
    "CCleaner" = CCleaner (remove only)
    "Debut" = Debut Video Capture Software
    "Disney Panique à Mickeyville" = Disney Panique à Mickeyville
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "DivX Setup.divx.com" = Configuration DivX
    "Dragonica(FR)" = Dragonica(FR)
    "DriverAgent.exe" = DriverAgent by eSupport.com
    "EoS-{5CCCD423-F673-4CD8-9464-9D950F49BBC3}" = Empire of Sports 1.104
    "EPSON Printer and Utilities" = EPSON Logiciel imprimante
    "EPSON Scanner" = EPSON Scan
    "EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel
    "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
    "Evonsoft Computer Repair_is1" = Evonsoft Computer Repair 1.0
    "Fissa" = Fissa
    "FlashLynx" = FlashLynx Video Download Software
    "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2
    "GameSpy Arcade" = GameSpy Arcade
    "Glary Utilities_is1" = Glary Utilities 2.13.0.689
    "Google Chrome" = Google Chrome
    "Google Updater" = Outil de mise à jour Google
    "Heroes of Might and Magic IV" = Heroes of Might and Magic® IV
    "Hide IP NG_is1" = Hide IP NG 1.55
    "HijackThis" = HijackThis 2.0.2
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
    "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
    "Little Registry Cleaner" = Little Registry Cleaner
    "LundiMatin" = Lundi Matin Business
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MAX2" = MAX2
    "MAX2 Patch" = MAX2 Patch
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
    "nettvplayer 2.0" = nettvplayer 2.0
    "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
    "Plugin de navigateur PopCap" = PopCap Browser Plugin
    "Quick Zip_is1" = Quick Zip 4.60.019
    "QuickTime" = QuickTime
    "SAGEM Full USB" = SAGEM Full USB v3.5.3.0 (WHQL)
    "Shareaza_is1" = Shareaza 2.5.3.0
    "Smart PC Professional_is1" = Smart PC Professional v5.0
    "Spyware Doctor" = Spyware Doctor 6.0
    "SSC Service Utility_is1" = SSC Service Utility v4.30
    "Stellarium_is1" = Stellarium 0.10.2
    "Switch" = Switch Sound File Converter
    "ToolBox" = NCH Toolbox
    "Uninstall_is1" = Uninstall 1.0.0.1
    "VLC media player" = VLC media player 1.0.1
    "Vodafone 804SS USB driver" = Vodafone 804SS USB driver Software
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "Windows XP Service" = Windows XP Service Pack 3
    "WinGimp-2.0_is1" = GIMP 2.6.10
    "WinLiveSuite_Wave3" = Installation Windows Live
    "Wondershare Photo Recovery_is1" = Wondershare Photo Recovery(build 2.0.2)
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Yahoo! Anti-Spy" = Yahoo! Anti-Spy
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "f031ef6ac137efc5" = Dell Driver Download Manager
    "Facebook Plug-In" = Facebook Plug-In
    "TimeAdjuster" = Time Adjuster STANDARD 3.1
    "Warcraft III" = Warcraft III: All Products

    ========== Last 10 Event Log Errors ==========

    [ Antivirus Events ]
    Error - 07/11/2009 19:41:48 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 11/11/2009 20:48:46 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 11/11/2009 20:58:06 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 11/11/2009 20:59:37 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 11/11/2009 20:59:38 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 11/11/2009 21:20:31 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 12/11/2009 05:07:27 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    Error - 12/11/2009 11:46:17 | Computer Name = -7KBQKCVRF | Source = avast! | ID = 33554522
    Description =

    [ Application Events ]
    Error - 29/12/2010 20:22:53 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
    netgearag.exe, version 2.12.17.3, adresse de défaillance 0x000170d7.

    Error - 31/12/2010 10:02:16 | Computer Name =-7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
    netgearag.exe, version 2.12.17.3, adresse de défaillance 0x000170d7.

    Error - 31/12/2010 22:15:34 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
    netgearag.exe, version 2.12.17.3, adresse de défaillance 0x000170d7.

    Error - 31/12/2010 23:32:27 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
    netgearag.exe, version 2.12.17.3, adresse de défaillance 0x000170d7.

    Error - 01/01/2011 10:54:56 | Computer Name =-7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
    netgearag.exe, version 2.12.17.3, adresse de défaillance 0x000170d7.

    Error - 01/01/2011 14:57:06 | Computer Name = -7KBQKCVRF | Source = MsiInstaller | ID = 11905
    Description = Produit : Nokia Software Updater -- Erreur 1905. Impossible d'annuler
    l'inscription du module C:\Program Files\Fichiers communs\Nokia\Tss\Communication
    API\cmn_usbdcm.dll. HRESULT -2147220472. Contactez votre service de support technique.

    Error - 01/01/2011 14:57:07 | Computer Name = -7KBQKCVRF | Source = MsiInstaller | ID = 11905
    Description = Produit : Nokia Software Updater -- Erreur 1905. Impossible d'annuler
    l'inscription du module C:\Program Files\Fichiers communs\Nokia\Tss\Communication
    API\dtl.dll. HRESULT -2147220472. Contactez votre service de support technique.

    Error - 01/01/2011 18:01:48 | Computer Name = -7KBQKCVRF | Source = MsiInstaller | ID = 11722
    Description = Produit : Java(TM) 6 Update 23 -- Erreur 1722. Un problème s'est produit
    sur ce package Windows Installer. Un programme exécuté dans le cadre de l'installation
    ne s'est pas terminé correctement. Contactez votre service de support ou le distributeur
    du package. Action patchjre, emplacement : C:\Program Files\Java\jre6\patchjre.exe,
    commande : -s "C:\Program Files\Java\jre6"

    Error - 01/01/2011 18:04:47 | Computer Name = -7KBQKCVRF | Source = MsiInstaller | ID = 11722
    Description = Produit : Java(TM) 6 Update 23 -- Erreur 1722. Un problème s'est produit
    sur ce package Windows Installer. Un programme exécuté dans le cadre de l'installation
    ne s'est pas terminé correctement. Contactez votre service de support ou le distributeur
    du package. Action patchjre, emplacement : C:\Program Files\Java\jre6\patchjre.exe,
    commande : -s "C:\Program Files\Java\jre6"

    Error - 02/01/2011 12:10:18 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
    Description = Application défaillante sandra.exe, version 17.25.2011.1, module défaillant
    itircl.dll, version 5.2.3790.2453, adresse de défaillance 0x000136b7.

    [ System Events ]
    Error - 02/01/2011 13:00:49 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7023
    Description = Le service HID Input Service s'est arrêté avec l'erreur : %%2

    Error - 02/01/2011 13:00:49 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7023
    Description = Le service Stockage amovible s'est arrêté avec l'erreur : %%998

    Error - 02/01/2011 13:02:15 | Computer Name = MILAN-7KBQKCVRF | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    Service de la passerelle de la couche Application.

    Error - 02/01/2011 13:02:20 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7000
    Description = Le service Service de la passerelle de la couche Application n'a pas
    pu démarrer en raison de l'erreur : %%1053

    Error - 02/01/2011 13:02:54 | Computer Name = -7KBQKCVRF | Source = DCOM | ID = 10010
    Description = Le serveur {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 02/01/2011 13:05:24 | Computer Name = -7KBQKCVRF | Source = DCOM | ID = 10010
    Description = Le serveur {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 02/01/2011 13:06:45 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    HTTP SSL.

    Error - 02/01/2011 13:06:50 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7000
    Description = Le service HTTP SSL n'a pas pu démarrer en raison de l'erreur : %%1053

    Error - 02/01/2011 13:07:54 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    HTTP SSL.

    Error - 02/01/2011 13:07:59 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7000
    Description = Le service HTTP SSL n'a pas pu démarrer en raison de l'erreur : %%1053


    < End of report >

    2 January 2011 19:33:00

    Damn, I didn't do the OTL customization, is that serious?
    a c 615 8 Security
    3 January 2011 16:00:12

    Re,

    No, that will do; in any case it's not an infection.

    Quote:
    umpnpmgr.dll!PNP_HwProFlags+0x2ba
    Related to the Windows Plug and Play service, so USB devices.
    Isn't there something connected to the PC that could be causing trouble? A phone, a USB stick, etc.; try unplugging them to see.

    Some cleanup is also needed among the programs, but we'll see about that later.

    3 January 2011 16:03:36

    Re, no, nothing is plugged in via USB; what's next?
    a c 615 8 Security
    3 January 2011 16:29:36

    Re,

    The simplest thing, if a program or a hardware change caused this, is to try restoring your system to a date before the problem appeared; you won't lose any personal documents, only programs if they were installed in the meantime.

    http://www.inforumatique.fr/forum/la-restauration-du-sy...

    [:_tom_:7]
    3 January 2011 17:18:03

    Already done (that was the first thing I tried) but with no result; anything else?
    a c 615 8 Security
    3 January 2011 17:46:58

    Re,

    Did you go back far enough in the restore points?

    Do you have an original Windows XP CD?
    4 January 2011 17:34:05

    Hello, the restore goes back to three days before the problem; I even disabled USB in "Device Manager" and it changes nothing. What can I do with the XP CD, and what do you advise next? Thanks, regards.
    4 January 2011 20:53:02

    Re, I had completely forgotten the sfc /scannow function, but it turned up nothing; what do you suggest?
    a c 615 8 Security
    4 January 2011 21:32:53

    :lol: 

    Not much left apart from a repair ...
    Which to me is excessive for this problem ...

    I still think a program or a device is at the root of it, especially when I see the number of errors in the Windows event log ...

    But the restore should have sorted that out ...

    You should try removing a few programs to see if that helps; many of them are superfluous:

    "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 (you have a more recent version)

    Ad-Aware Email Scanner for Outlook (obsolete and unnecessary, avast includes anti-spyware)
    Macrogaming SweetIM 2.1
    Download Guard for Internet Explorer
    Skype Toolbars
    Adobe Reader 9.3.4 - Français (duplicate of version 9.4.x)
    Spybot - Search & Destroy (obsolete and unnecessary, avast includes anti-spyware)
    "Ad-Aware" = Ad-Aware (obsolete and unnecessary, avast includes anti-spyware)
    "a-squared Free_is1" = a-squared Free 3.5 (unnecessary, avast includes anti-spyware)
    "cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
    "DriverAgent.exe" = DriverAgent by eSupport.com
    "Evonsoft Computer Repair_is1" = Evonsoft Computer Repair 1.0
    "Glary Utilities_is1" = Glary Utilities 2.13.0.689
    "Hide IP NG_is1" = Hide IP NG 1.55
    "Little Registry Cleaner" = Little Registry Cleaner
    "Plugin de navigateur PopCap" = PopCap Browser Plugin
    "SAGEM Full USB" = SAGEM Full USB v3.5.3.0 (WHQL) (USB driver, may be the cause)
    "Spyware Doctor" = Spyware Doctor 6.0 (anti-spyware that uses dubious advertising methods ...)
    "ToolBox" = NCH Toolbox
    "Vodafone 804SS USB driver" = Vodafone 804SS USB driver Software (USB driver, may be the cause)
    "Yahoo! Anti-Spy" = Yahoo! Anti-Spy (unnecessary)
    "Yahoo! Companion" = Yahoo! Toolbar


    You should go easy on so-called security software ;)  ... piling it up does nothing but clutter the PC and reduce its performance ... good habits are far smarter.

    [:_tom_:7]
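
The two checks made by eye on the OTL report in the post above (older versions left installed beside a newer one, and errors that keep recurring in the event log) can be scripted. This is an added Python example, not part of the thread or of OTL; the function names are hypothetical, and the sample input is an excerpt of the report posted in this thread with one event repeated on purpose.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the OTL report from this thread. The second netgearag.exe
# event is repeated on purpose (with different spacing) to exercise dedup.
SAMPLE_LOG = r'''
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français
"avast5" = avast! Free Antivirus
"VLC media player" = VLC media player 1.0.1
Error - 29/12/2010 20:22:53 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
Error - 31/12/2010 10:02:16 | Computer Name =-7KBQKCVRF | Source = Application Error | ID = 1000
Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
Error - 31/12/2010 10:02:16 | Computer Name = -7KBQKCVRF | Source = Application Error | ID = 1000
Description = Application défaillante netgearag.exe, version 2.12.17.3, module défaillant
Error - 02/01/2011 13:00:49 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7023
Description = Le service HID Input Service s'est arrêté avec l'erreur : %%2
Error - 02/01/2011 13:00:49 | Computer Name = -7KBQKCVRF | Source = Service Control Manager | ID = 7023
Description = Le service Stockage amovible s'est arrêté avec l'erreur : %%998
'''

ENTRY_RE = re.compile(r'^\s*"([^"]+)"\s*=\s*(.+?)\s*$')   # "key" = Display Name
NUMBER_RE = re.compile(r'\d+(?:\.\d+)*')                   # 21, 9.4.1, ...
EVENT_RE = re.compile(
    r'^\s*Error - (\S+ \S+) \| Computer Name\s*=\s*\S* '
    r'\| Source = (.+?) \| ID = (\d+)\s*$')


def superseded_versions(log):
    """Map product family -> (newest entry, [older entries still installed])."""
    families = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        name = m.group(2)
        numbers = list(NUMBER_RE.finditer(name))
        if not numbers:
            continue  # no version in the display name, nothing to compare
        last = numbers[-1]  # the last number is treated as the version
        family = name[:last.start()] + "#" + name[last.end():]
        # Compare numerically: as strings, "Update 4" would sort after "Update 21".
        version = tuple(int(part) for part in last.group().split("."))
        families[family].append((version, name))
    result = {}
    for family, items in families.items():
        if len(items) > 1:
            items.sort()
            result[family] = (items[-1][1], [name for _, name in items[:-1]])
    return result


def recurring_errors(log):
    """Count distinct error events per (source, event ID)."""
    lines = log.splitlines()
    seen = set()
    counts = Counter()
    for i, line in enumerate(lines):
        m = EVENT_RE.match(line)
        if not m:
            continue
        when, source, event_id = m.groups()
        detail = lines[i + 1].strip() if i + 1 < len(lines) else ""
        key = (when, source, event_id, detail)
        if key in seen:
            continue  # same event pasted twice in the report
        seen.add(key)
        counts[(source, event_id)] += 1
    return counts


if __name__ == "__main__":
    for family, (newest, older) in superseded_versions(SAMPLE_LOG).items():
        print(f"{family}: keep {newest!r}, review {older}")
    for (source, event_id), n in recurring_errors(SAMPLE_LOG).most_common():
        print(f"{n} x {source} / ID {event_id}")
```

Side-by-side runtimes such as the Visual C++ redistributables in the full report also group into one family, so the result is a list to review, not a list to remove.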
    6 January 2011 13:09:03

    Hi, I did everything, tried everything, still the same problem. Is there a more complete scan that would let you give me the solution to the problem?
    Because it's true that I don't like the idea of running the repair.
    a c 615 8 Security
    6 January 2011 21:18:01

    Re,

    No, there is no miracle scan ... we know the overload comes from the process that manages services and, from what you noted, from the Plug and Play service and USB; and in principle, if it appeared overnight, it is due either to a system update or to an installed program or device.

    In both cases, a system restore should have fixed the problem.

    I suppose the problem doesn't occur in safe mode? (F8 when the PC starts)

    Are there any errors in your Device Manager? (yellow triangle or red cross)
    (Start -> Control Panel -> System -> "Hardware" tab -> Device Manager)

    9 January 2011 01:17:17

    Re, no, no problem on the device side; in safe mode it's the same, services.exe at full load. The problem appeared on 26/12 and I restored to 23/12. Sometimes I get a window saying "an installation has not finished", even though I'm no longer installing anything; how can I see whether an installation is running in the background?
    a c 615 8 Security
    9 January 2011 11:27:24

    Re,

    If the problem also appears in safe mode, that's not good; it means the system is affected even in its essential, minimal settings.

    Just in case, you should try "Last Known Good Configuration", the option that appears in the menu when you go to start in safe mode
    (you have "Safe Mode", "Safe Mode with Networking" and the famous "Last Known Good Configuration")

    10 January 2011 00:29:34

    Re, "Last Known Good Configuration" changes nothing; I don't know what else to do apart from install then repair.
    a c 615 8 Security
    10 January 2011 17:07:20

    Re,

    If nothing works you can always try the repair without data loss:
    http://www.inforumatique.fr/forum/reparer-windows-t2263...

    Be careful to choose "install" and THEN repair.

    /!\ there is always a risk of losing documents with this procedure, take your precautions beforehand!
    17 January 2011 10:41:24

    Re, in the end I reinstalled Windows in another directory and I'm backing up my documents, files and photos, then a format and clean install; despite all our efforts I don't see any other solution. In any case thank you, regards.

    PS: how do you mark it "solved" (so to speak)?

    Best solution

    a c 615 8 Security
    17 January 2011 18:52:59

    Re,

    Yeah, I know; we helpers don't like ending up there either, since it means we didn't succeed, but sometimes you can't hope for better ...

    Let us know anyway whether that solves your problem ...

    You can mark your topic as "solved" by clicking the "edit" button in your very first message.
    -> Then add "solved" next to your title and confirm.


    See you soon on the Tom's Guide forums
    20 January 2011 03:05:09

    Best answer selected by zhdopanthi.